Three individuals stand accused of leading a large-scale hacking operation targeting email and Instagram accounts, potentially involving over 100 million users worldwide.
Ukrainian law enforcement officials, in collaboration with investigators from the Kharkiv region, apprehended three suspects – aged 20 to 40 – believed to be responsible for hacking email and Instagram accounts.
The investigation revealed the group’s modus operandi involved using a “brute force” method, employing software to try a massive number of password combinations until successful.
Authorities emphasize the importance of two-factor authentication and strong passwords to safeguard against such attacks.
The investigation suggests the group operated for at least a year, accumulating a database containing over 100 million stolen accounts from users across the globe.
This information will be meticulously analyzed as the investigation unfolds. Operating from different regions within Ukraine, the group allegedly coordinated online.
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities. :
AcuRisQ, that helps you to quantify risk accurately:
The suspected ringleader assigned tasks to members who compiled hacked account databases and sold them on the darknet – a hidden part of the internet often used for illegal activities.
According to intelligence, the primary clients for these compromised accounts were likely fraudulent groups operating in the darknet.
These groups might have purchased stolen accounts for various scams, potentially involving schemes like “Friend Asks for Debt.”
Law enforcement conducted searches at seven locations across Ukraine, seizing over 70 computer devices, 14 phones, bank cards, and cash exceeding $3,000. A court petition for the seized property has been submitted.
The three suspects face potential charges under Article 28.3 and 361.5 of the Ukrainian Criminal Code, pertaining to unauthorized access to computer systems and electronic communications.
Conviction could lead to a maximum sentence of 15 years imprisonment. Authorities are seeking pre-trial detention for the suspects.
Investigators are probing a possible connection between the accused and Russian agents.
The investigation suspects the stolen accounts may have been used for “information warfare operations” supporting Russia.
The investigation remains active, with the possibility of additional charges based on future findings.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
In the current software landscape, security breaches caused by untested or poorly tested code are…
Cybersecurity in mergers and acquisitions is crucial, as M&A activities represent key inflection points for…
In 2025, cybersecurity trends for CISOs will reflect a landscape that is more dynamic and…
Zero-trust architecture has become essential for securing operations in today’s hyper-connected world, where corporate network…
The Chrome team has officially promoted Chrome 136 to the stable channel for Windows, Mac,…
By fusing agentic AI and contextual threat intelligence, SecAI transforms investigation from a bottleneck into…